
9 matches found

EUVD
added 2026/05/19 12:59 p.m., 5 views

EUVD-2026-30932

Improper Handling of Syntactically Invalid Structure in Sparx Pro Cloud Server allows a Denial of Service (DoS) attack to be executed by sending a specially crafted SQL query. This causes the Pro Cloud Server service to terminate unexpectedly. The vendor was notified early about this vulnerability,...

CVSS 8.7, AI score 5.8, EPSS 0.00047
Exploits: 3, References: 4
Positive Technologies
added 2026/04/08 12:0 a.m., 1 view

PT-2026-31120

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Brainstorm Force OttoKit suretriggers allows Blind SQL Injection. This issue affects OttoKit: from n/a through = 1.1.20...

AI score 5.9, EPSS 0.00039
Exploits: 0, References: 4
Cvelist
added 2025/09/16 2:9 p.m., 6 views

CVE-2024-13149 SQLi in Arma Store's Armalife

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', CWE - 200 - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arma Store Armalife allows SQL Injection. This issue affects Armalife: through 20250916. NOTE: The vendor did not inform abou...

CVSS 9.8, EPSS 0.00055
Exploits: 0, References: 2
CNNVD
added 2024/08/02 12:0 a.m., 1 view

Horizon Business Services Caterease security vulnerability

Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from improper neutralization of the u...

CVSS 9.8, AI score 7.5, EPSS 0.00331
Exploits: 0, References: 4
Ubuntu
added 2024/07/04 8:25 p.m., 38 views

USN-6879-1: Virtuoso Open-Source Edition vulnerabilities

Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly handled certain crafted SQL statements. An attacker could possibly use this issue to crash the program, resulting in a denial of service. CVE-2023-31620, CVE-2023-31622, CVE-2023-31624, CVE-2023-31626, CVE-2023-31627,...

CVSS 8.8, AI score 7.4, EPSS 0.00154
Exploits: 13
CNNVD
added 2024/04/26 12:0 a.m., 1 view

WordPress plugin WP SMTP security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS 7.2, AI score 7.4, EPSS 0.00531
Exploits: 0, References: 3
OSV
added 2022/07/04 11:32 a.m., 1 view

USN-5501-1 python-django vulnerability

It was discovered that Django incorrectly handled certain SQL. An attacker could possibly use this issue to expose sensitive information...

CVSS 9.8, AI score 6.7, EPSS 0.92834
Exploits: 3, References: 2
Positive Technologies
added 2022/05/17 12:0 a.m., 2 views

PT-2022-13827 · Cnmaestro · Cnmaestro

Name of the Vulnerable Software and Affected Versions: On-Premise cnMaestro, affected versions not specified. Description: The issue concerns a pre-auth data exfiltration vulnerability due to improper neutralization of special elements used in an SQL command. This could allow an attacker to...

CVSS 7.5, AI score 7.5, EPSS 0.00205
Exploits: 0, References: 4
Prion
added 2021/06/07 11:15 a.m., 18 views

Buffer overflow

The WP Statistics WordPress plugin before 13.0.8 relied on using the WordPress esc_sql function on a field not delimited by quotes and did not first prepare the query. Additionally, the page, which should have been accessible to administrator only, was also available to any visitor, including...

CVSS 5, AI score 7.6, EPSS 0.83207
Exploits: 3, References: 2, Affected Software: 1